Secretly Monopolizing the CPU Without Being Root 250
An anonymous reader writes "This year's
Usenix security symposium
includes a
paper
that implements a "cheat" utility, which allows any non-privileged user to
run his/her program, e.g., like so 'cheat 99% program'
thereby insuring that the programs would get 99% of the CPU
cycles, regardless of the presence of any other applications in the
system, and in some cases (like Linux), in a way that keeps the program
invisible from CPU monitoring tools (like 'top'). The utility exclusively
uses standard interfaces and can be trivially implemented by any
beginner non-privileged programmer. Recent efforts to improve the
support for multimedia applications make systems more susceptible to
the attack.
All prevalent operating systems but Mac OS X are vulnerable, though by
this kerneltrap story,
it appears that the new CFS Linux scheduler attempts to address the
problem that were raised by the paper."
A Useful Tool (Score:5, Funny)
gnome (Score:3, Funny)
What the?! (Score:5, Funny)
#include
int main(int argc, char *argv[])
{
while (1) {}
return 0;
}
Re:A Useful Tool (Score:5, Funny)
First announced exploit.. (Score:2, Funny)
This year's Usenix security symposium includes a paper that implements a "cheat" utility, which allows any non-privileged user to run his/her program, e.g., like so 'cheat 99% program' thereby insuring that the programs would get 99% of the CPU cycles, regardless of the presence of any other applications in the system, and in some cases (like Linux), in a way that keeps the program invisible from CPU monitoring tools (like 'top').
Next up, a virus which senses bad grammar and punishes you by using 99% of your CPU. Seriously, somewhere a middle school English teacher is crying, and doesn't know why.
Re:What does this mean? (Score:5, Funny)
If you reply, do so only to what I explicitly wrote. If I didn't write it, don't assume or infer it.
You gun-toting marxist redneck zealot astroturfers make me sick!
Back at NYIT we hacked the "nice" command... (Score:3, Funny)
We changed nice so that whenever this particular user ran it, it lowered his priority by exactly as much as he was attempting to raise it.
He stopped coming to work soon after that. I suppose he had the last laugh though -- NYIT continued to pay him for another six months.
Thad
Inevitable reply (Score:5, Funny)
Re:The "sue" command (Score:5, Funny)
The sysadmin's best defense isn't a new scheduler (Score:1, Funny)
It doesn't even matter if these CPU-hogging processes can hide from "top" - you should already be making regular rounds of your users, even the ones you haven't caught doing anything wrong. Nobody questions it when you tell them, "You know what you did." Not when you're the one with the bat.
Re:Google-cache article (Score:4, Funny)
it works by avoiding running during the exact moment of a clock tick (which would be the moment when CPU usage...
--Uhm... (looks at watch...) Say, I really don't have time for wordy summaries... could you maybe cut this down into about 10 words or less? Hurry it up! I ain't got all day!
Re:The "sue" command (Score:2, Funny)
What a scary, scary thought...
Re:Google-cache article (Score:5, Funny)
Re:How It Works (Score:2, Funny)
Re:First announced exploit.. (Score:5, Funny)
Do you think this might be related to that incident where thousands of English teachers all burst into flames moments after the first SMS-enabled phone was released?
Re:Hmmm... (Score:0, Funny)
Re:Security! (Score:3, Funny)
Re:Inevitable reply (Score:5, Funny)